10.6.1 Server - cannot prevent authenticated users from creating a blog

Similar Messages

• Cannot prevent authenticated users from creating a blog on "My Page"

  I have a brand new Snow Leopard (10.6.1) 2.26 Ghz quad core Xserve with 12Gb RAM that will be used for web collaboration services. I've currently set up Wiki and Blog services with a group membership to allow creating wikis/blogs. The reason for this is for staff development purposes with the plan to add people into the group as they are trained. The process to set it all up was very simple, however, I'm having an issue preventing authenticated users from creating a personal blog. Although I can prevent the creation of wiki's to members of a group easily, any authenticated user on the server can log into "My Page" and will be able to create a blog. I've gone to server admin>choose the server>choose the "access" icon and set the column "for selected services below" (blog) to "allow only users and groups below" (the group) and it still doesn't prevent them from making a blog page. In WGM for the group on the "Basic" tab, the "enable the following services for this group" has only the choice of "none" and therefore since the site isn't showing as a choice, the Wiki, Blog, Calendar and Mailing List is grayed out. I've seen another thread that states in 10.6 that option for setting the service acl in the group settings of WGM is unavailable. Does anyone know a fix for my problem of security access for a "My Page" blog or is it a possible bug in Snow Leopard? Right now my only workaround is to remove the users access and enable it as they are trained. This isn't an ideal fix, however, because we have some users who want to limit their wiki or blog to authenticated users only, not public access. Any help will be greatly appreciated.
  Message was edited by: dstrollo.il

  Ran into this same issue.... Talked with a field engineer who confirmed the behavior. The question now is this a defect or "feature that does not work as as the audience desires". As I far can tell, the security setting for blogs in server admin does nothing at all. This has the potential to cause a few issues as you cannot limit who can have a blog.
  Message was edited by: jlindler

• Is it possible to prevent a user from creating and approving a JV

  Hi,
  Is it possible to prevent a user from creating and approving a JV.  We have a rule that one user cannot do both.  What happens is user#1 creates the JV, then some other user#9 approves the JV.  Both user#1 and user#9 need to be able to create a JV and approve someone else's JV.
  The transactions in question are...
  F-02  General Posting - enter Journal Voucher (create & post)
  F-65  Enter General Document - Parking (create)
  FBV0  Post or Delete a Parked Document (approval)
  Please let me know the details.
  Thanks in advance,
  regrads,
  Chaks

  Hi,
  Requisition is submitted.....it means Requisition is saved or it means Requisition is Released..?
  Regards,
  manish

• How to prevent public users from creating and saving Word Documents

  I have two public computers available for the public to view legal case documents.  The program used uses the Word shell to save, view and print documents within the program.  The clerk has stated that she does not want attorneys or others to
  be able to create and save word documents on these computers.  Is there a way to prevent a user on the public computers from opening word, creating a document and saving it?

  Instead of installing Word on the public computer (or at least instead of making it available on the public account), you could install the free Word Viewer:
  https://www.microsoft.com/en-us/download/details.aspx?id=4 and make that available for the public account. Alternatively, if you want to ensure the document retains its originally
  formatting regardless of what printer may or may not be attached to the public computer, you could keep only PDF copies of the file where the public can access them and install the free Adobe Acrobat Reader for viewing:
  https://get.adobe.com/reader/.
  Cheers
  Paul Edstein
  [MS MVP - Word]

• Obiee11g upgrade: Preventing authenticated-user from accessing obiee system

  HI Gurus,
  We have a problem regarding security and request your inputs. Please see the issue below:
  Current Situation:
  We have successfully integrated OBIEE11g with our enterprise MS Active DIrectory. With the current set up, any user in the company will be successfully authenticated by MSAD and he/she is able to login to obiee and reach the new bieehome page. I want to prevent this.
  Expected:
  Only users who belong to certain AD Groups should be able to acess obiee
  How do I prevent this? In our MSAD we have AD groups built to identify OBIEE users. These ad Groups are pre-fixed with OBIEE_ (Ex: OBIEE_Marketing etc). Only the users belong to these groups should be allowed to login.
  In 10g, we made use of privileges to explicitly grant access to obiee. We made use of privileges like 'Access to Dashboard' etc. As a result, even if a user is successfully authenticated by LDAP MSAD , he wont be able to reach obiee dashboards if he is not a member of designated GROUP. In 11g, since there is a new page called 'BIEE HOME', non-authorized users are able to reach this page.
  Any help would be highly appreciated
  --Joe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       

  I have created an SR with Oracle and as per the responses I got, it looks like this is an issue as there is no way to restrict access to bieehome page.
  Anyone has any workarounds? This is really holding up our 11g release
  --Joe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   

• How do i prevent the user from entering a RETURN/ENTER key into their username?

  Hello,
  i am currently trying to make a login system where the
  username will obviously enter their username.
  I have made my user input box editable and set up variables
  to accept the user input and store them into variables, along with
  error prevention for blank fields.
  However i cannot prevent the user from hitting the
  "enter"/"return" key. When i hit "enter" the user input box box
  gets larger as the type curser moves onto the next line and when
  the username is stored in a variable it is stored as "theuser
  RETURN" so when variable is passed to the next frame and is
  recalled by another text box to display the username, the user name
  has a carriage return.
  I want to prevent this, anyone got any suggestions? or know
  of any websites i can visit which will explain this to me nicely??
  Thank you

  suggestion:
  don't make the edit field editable right from the start.
  rather attach a behaviour to the field/text-sprite like:
  property mySprite, myMember
  on beginsprite me
  Sprite = me.spritenum
  -- this is the channel-number of the editbox
  myMember = mySprite.member.number
  -- this is the field/text-member
  member(myMember).editable = FALSE
  end beginsprite
  on mouseup me
  -- when i get clicked for editing, then set me editable
  member(mymember).editable = TRUE
  the keydownscript = "MyKeyhandler"
  -- this sets the keyhandler to YOUR keyhandler, see below
  end mouseup
  You would then need to have YOUR keyhandler in any mociesript
  and there you
  would block any unwished key, while editing
  on MyKeyhandler
  case the key of
  RETURN:
  stopevent;
  otherwise
  pass;
  end case
  end MyKeyhandler
  in the end you would attach a behaviour to any
  "Submit"-button (this is the
  one that "gets" the userinput" and performs further action
  according to your
  wishes and decisions)
  on mouseup
  the keydownscript = EMPTY
  -- this resets to normal
  user-ID = member("Whatever the number or name of your
  editfield
  is").text
  member("Whatever the number or name of your editfield
  is").editable
  = FALSE
  -- any further actions to make in your project
  -- to get along with the entered User-ID
  end mouseup
  something like this, I guess
  Peter

• VPN connection on Mac gives "PPP Server cannot be authenticated"

  Hello all
  I am trying to connect my mac mini to my company's VPN. On my mac mini I tried the following to connect to VPN.
  - System Preferences -> Network
  - Created a new network, interface: VPN, VPN type: L2TP over IPSec, service name: Office VPN
  - Configuration: default, Server Address: 222.222.22.222, Account Name: user1
  Authentication Settings -> User Authentication Password: (password), Machine Authentication Shared Secret: (secret)
  This does connect the mac to the vpn but after an interval of 6-10 minutes I always get a "PPP server cannot be authenticated" error. I can't seem to understand what is going wrong over here. The same problem is with every mac trying to connect to this vpn. Windows PC users did not report a problem of such sort.
  I checked the system logs as well. Here's what happened until the connection was disconnected.
  Thu Apr 14 14:43:02 2011 : L2TP connecting to server '222.222.22.222' (222.222.22.222)...
  Thu Apr 14 14:43:02 2011 : IPSec connection started
  Thu Apr 14 14:43:04 2011 : IPSec connection established
  Thu Apr 14 14:43:04 2011 : L2TP connection established.
  Thu Apr 14 14:43:04 2011 : Using interface ppp0
  Thu Apr 14 14:43:04 2011 : Connect: ppp0 <--> socket[34:18]
  Thu Apr 14 14:43:04 2011 : CHAP authentication succeeded
  Thu Apr 14 14:43:07 2011 : local IP address 192.168.69.100
  Thu Apr 14 14:43:07 2011 : remote IP address 192.168.1.254
  Thu Apr 14 14:43:07 2011 : primary DNS address 192.168.1.84
  Thu Apr 14 14:43:07 2011 : secondary DNS address 192.168.1.85
  Thu Apr 14 14:43:07 2011 : l2tpwaitinput: Address added. previous interface setting (name: en1, address: 192.168.4.14), current interface setting (name: ppp0, family: PPP, address: 192.168.69.100, subnet: 255.255.255.0, destination: 192.168.1.254).
  Thu Apr 14 14:43:37 2011 : l2tpwaitinput: Other Address event (8). previous interface setting (name: en1, address: 192.168.4.14), other interface setting (name: 99, family: 8716788, address: 4.0.69.100, subnet: 0.0.0.1, destination: 128.192.31.0).
  **Thu Apr 14 14:43:34 2011 : IPV6CP: timeout sending Config-Requests**
  Thu Apr 14 14:55:07 2011 : Connection terminated.
  Thu Apr 14 14:55:07 2011 : Connect time 12.1 minutes.
  Thu Apr 14 14:55:07 2011 : Sent 20233 bytes, received 48346 bytes.
  Thu Apr 14 14:55:07 2011 : L2TP disconnecting...
  Thu Apr 14 14:55:07 2011 : L2TP disconnected
  Can somebody help me out over here? What could be going wrong over here?

  I'm looking for much the same answer, so can't help with the big picture. However, the Firewall options are not in System Preferences, but in the Server Admin in the Dock. Click on it, click on the triangle next to your server's name, then go down to FIrewall.

• Cannot lock the page to prevent other users from editing it. Please try again later. Error with ASP pages

  Cannot lock the page to prevent other users from editing it.
  Please try again later.
  I get t his error when I try to edit ASP pages on my web
  server, I have all admin rights, anyone know a fix for this?

  App Store support. There is troubleshooting and a contact link.
  Support

• Reporting Services through ISA server for All Authenticated Users

  Hello colleagues.
  I have MS SQL 2012 server with Reporting Services and it work via link:
  https://reports2.domain.com/reports
  In LAN all work fine, but I want publish this resource via ISA for All Authenticated Users.
  When in publish rule I configure (in Condition) "All users" - all work fine, but when I configure "All Authenticated Users" - I have trouble on web form on
  https://reports2.domain.com/reports/Pages/Report.aspx?ItemPat...  - scripts not work, because it run how "anonymous" (I see on ISA logging) and ISA block scripts.
  I can't use "All Users", because it's not secure.
  Maybe somebody publish Reporting Services through ISA server for All Authenticated Users?
  OR maybe - how on Reporting Services configure Negotiate authenticated for scripts?

  Hi Alexander,
  All users or applications who request access to report server content or operations must be authenticated using the authentication type configured on the report server before access is allowed. The AuthenticationType named RSWindowsNegotiate is supported
  by Reporting Services. To configure Windows Authentication on the Report Server, please see:
  http://msdn.microsoft.com/en-us/library/cc281253(v=sql.110).aspx
  Besides, we can publish report server via ISA server. Please note that you should use a new web port number with a new listener which shouldn’t be used by other web site for report server. Reference:
  http://social.technet.microsoft.com/Forums/forefront/en-US/1cc68996-1ce6-4d88-a30d-2bfd13fba06e/how-to-publish-ssrs-2008-through-isa-2006?forum=Forefrontedgegeneral
  Hope this helps.
  Thanks,
  Katherine Xiong
  Katherine Xiong
  TechNet Community Support
  Katherine thanks for answer.
  Report Server service started as Domain account.
  I have in RSReportServer.config this:
  <Authentication>
  <AuthenticationTypes>
  <RSWindowsNegotiate />
  </AuthenticationTypes>
  <RSWindowsExtendedProtectionLevel>Allow</RSWindowsExtendedProtectionLevel>
  <RSWindowsExtendedProtectionScenario>Proxy</RSWindowsExtendedProtectionScenario>
  <EnableAuthPersistence>true</EnableAuthPersistence>
  </Authentication>
  In web.config I have this:
  <authentication mode="Windows" />
      <identity impersonate="true" />
  I can go (from Internet through ISA) to
  https://reports2.domain.com/reports  and LogOn Authentication is work, but scripts not work, because it run how "anonymous" (I see this on ISA logging) and ISA block scripts.
  Do you know where in Reporting Services configure run scripts with Negotiate authentication?

• How to prevent end user to create a Query View and save back to BW Server?

  Dear All :
  Do Someone know that how to setup authorization for Bex Query View Creation? We want to prevent end user to create a Query View to save back to BW Server his favorite folder. when our user run Bex Query, he can base on this query and use Bex Analyzer's save function to save a Query View and save into his favorite folder.
  My question is :
  1. Can we set up a Authorization to prevent end user to save Bex Query View?
  2. Or can I remove Save function from Bex Analyzer to prevent end user use save function, But Developer should not to be prevent .
  Thanks for all of your kindly response.
  Best Regard
  Lawrence Kuo

  Hi.
  Yes, you can do it like you outline in your point 1):
  You need to use the authorization object S_RS_COMP for this. This object let's you control what parts/components of a query the user can do stuff to. So, in your case, you need to have a role for the users, where you do not grant create-access to the component QVW, and then you need another role for developers, where you grant full access or whatever you need for your developers.
  See [this post|http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/a6c54319-0e01-0010-20a4-fb81ad32f330?QuickLink=events&overridelayout=true&5003637661135] and the [SAP Help entry|http://help.sap.com/saphelp_nw70/helpdata/en/80/1a6859e07211d2acb80000e829fbfe/content.htm].
  You will also need to use the authorization object S_RS_COMP1. If you already have a productive system with users doing reporting, both objects will be maintained in one of the roles already.
  You also want to consider using the object S_RS_PARAM to allow users to create variants for the variabel screen.
  Good luck.
  Jacob

• How to prevent user from creating jobs

  Hi,
  we need to prevent user from creating jobs on a dev enviorement. It's a 10.2.0.4 database standard on linux 64bits.
  Their schema has only connect and resource roles. Is there a way to prevent them from creating jobs? In 11g it's the CREATE JOB permission, but in 10g i'm not sure how can i do this.
  Thanks for any ideas!

  On 10g it's probably the CREATE JOB as well.
  http://www.oracle.com/pls/db102/homepage
  Alternatively you could:
  alter system set job_queue_processes=0
  http://download.oracle.com/docs/cd/B19306_01/server.102/b14237/initparams089.htm#REFRN10077

• Hi All, We are in to Release 11.5.10.2.There is a specific requirement to Prevent users from creating Manual Sales Orders in oracle and yet users should be able to book the Sales Orders Imported from CRM system into Orcale.Please advise.

  Hi All, We are in to Release 11.5.10.2.There is a specific requirement to Prevent users from creating Manual Sales Orders in Oracle and  yet users should be able to book the Sales Orders Imported from CRM system into Orcale.Please advise.

  Thanks for your advise.
  However, I missed to mention that we have two set of users  One is for Finished Goods and another for Spares.
  Only Spares users need to be prevented from creating Direct/Manual Sales Orders in Oracle.
  As you suggested, if this will be done at Form level, that may Disallow FG users also to create Manula Sales Orders which should not be the case.
  Further, I tried to test one scenario through Processing Constraints but it did not work.
  Application
  OM
  Validation Type
  Entity
  Temp
  Short Name
  TBL
  Validation Semantics
  Created By
  Equal To
  User(Myself)
  Processing Cosntraint
  Application
  OM
  Entity
  Order Header
  Constraint
  Operation
  User Action
  Create
  Not Allowed
  Conditions
  Group
  Scope
  Validation Entity
  Record Set
  Validation Template
  101
  Any
  Order Header
  Order
  Above Created
  Please advise.

• How to prevent multiple users from updating the same data in coherence

  Hi,
  I have a Java Web Application and for data cache am using coherence 3.5. The same data maybe shared by multiple users which maybe in hundreds. Now how do I prevent multiple users from updating the same data in coherence i.e. is there something in coherence that will only allow one user a time to update. If one user is in a process of updating a data in coherence and some other user also tries to update then the second user should get an error.
  Thanks

  I have a question on the same line. How can I restrict someone from updating a cache value when I a process is already working on it. I tried locking the cache key but it does not stop other process to update it , it only does not allow other process to get lock on it.

• Prevent multiple users from editing/approving the same form SPD 2013,SP 2013

  Hello all, I have a workflow with a to do task, the task is assigned to a group so any of the users in that group can go in and do a quality check on form data and approve it.  How do I prevent multiple users from working on the
  same form? do I just require check out? or is there a way to notify the rest of the group that a user has already started the quality check.

  The "Require Checkout" option is your best bet.  You can also enable the auto checkout on edit option to allow minimal effort on the side of the user.  Other users will then get the error message stating the item is checked out, if they try to
  edit it.
  If you'd like, you could add a workflow to the task list that triggers when something is changed.  That workflow can check if the item is checked out and if so, email the other users assigned to the task.
  I trust that answers your question...
  Thanks
  C
  |
  RSS |
  http://crayveon.com/blog |
  SharePoint Scripts | Twitter |
  Google+ | LinkedIn |
  Facebook | Quix Utilities for SharePoint

• Prevent multiple users from updating coherence cache data at the same time

  Hi,
  I have a web application which have a huge amount of data instead of storing the data in Http Session are storing it in coherence. Now multiple groups of users can use or update the same data in coherence. There are 100's of groups with several thousand users in each group. How do I prevent multiple users from updating the cache data. Here is the scenario. User logs-in checks in coherence if the data there and gets it from coherence and displays it on the ui if not get it from backend i.e. mainframe systems and store it in coherence before displaying it on the screen. Now some other user at the same time can also perform the same function and if don't find the data in coherence can get it from backend and start saving it in coherence while the other user is also in the process of saving or updating. How do I prevent this in coherence. As have to use the same key when storing in coherence because the same data is shared across users and don't want to keep multiple copies of the same data. Is there something coherence provides out-of-the-box or what is best approach to handle this scenario.
  Thanks

  Hi,
  actually I believe, that if we are speaking about multiple users each with its own HttpSession, in case of two users accessing the same session attribute in their own session, the actually used cache keys will not be the same.
  On the other hand, this is probably not what you would really like, you would possibly like to share that data among sessions.
  You should probably consider using either read-through caching with the CacheLoader implementor doing the expensive data retrieval (if the data to be cached can be obtained outside of an HTTP container), or side caching with using Coherence locks or entry-processors for concurrency control on the data retrieval operations for the same key (take care of retries in this case).
  Best regards,
  Robert